Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/R6SJHDwuUv-95i2goi6U5gg45a4.roa
File: R6SJHDwuUv-95i2goi6U5gg45a4.roa (raw, json)
Hash identifier: Zuo0PP3k6WisoBPmhlZWqiYZ9JMYkZYNe7rbptp5VqI=
Subject key identifier: 47:A4:89:1C:3C:2E:52:FF:BD:E6:2D:A0:A2:2E:94:E6:08:38:E5:AE
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018F53E4D551547F1F3B0B36D5AE8854F844
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/R6SJHDwuUv-95i2goi6U5gg45a4.roa
Signing time: Tue 07 May 2024 16:30:56 +0000
ROA not before: Tue 07 May 2024 16:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
45.86.124.0/23 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:e4:d5:51:54:7f:1f:3b:0b:36:d5:ae:88:54:f8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: May 7 16:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47a4891c3c2e52ffbde62da0a22e94e60838e5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:63:05:7f:be:ec:bb:58:49:15:10:83:37:30:
1a:ef:27:a3:b8:ac:54:c3:33:54:a4:a1:da:87:5c:
38:9a:1f:55:87:fd:30:a0:54:7c:c2:64:d5:a1:f7:
bf:88:8e:bb:00:58:b7:88:cc:f4:76:17:bd:42:d6:
7f:04:fd:f4:75:35:8f:1e:04:41:88:0f:6d:01:82:
5e:51:36:ba:cb:b4:4a:14:fd:c2:c0:58:d8:e4:4e:
3b:45:2e:1e:d5:c6:87:2f:5f:47:58:f2:8d:05:f2:
b6:0f:4a:b4:d5:71:e4:cd:3e:2e:de:70:8f:b6:e7:
09:c8:8a:80:f6:95:c5:60:44:a6:77:13:6a:61:83:
cc:e8:4e:f6:b8:4f:bb:be:3e:e6:b8:75:85:8d:90:
eb:3a:93:4e:cb:aa:0f:12:76:87:8d:a8:3f:27:21:
ab:95:c6:20:f9:1e:8b:d7:89:20:b0:7e:68:ca:f5:
43:ae:bd:30:0d:f0:06:a8:bf:16:1f:42:72:cd:c8:
cc:59:25:de:d9:3b:8b:36:da:d3:9e:67:02:91:a6:
5d:cf:35:dd:d0:c1:01:42:ad:fb:ea:5f:a9:47:aa:
ef:87:c8:1a:13:99:0c:8c:9b:73:0d:9e:c4:d5:d9:
e4:6b:24:cd:d3:a7:4f:d1:b1:95:89:e0:fa:14:e8:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A4:89:1C:3C:2E:52:FF:BD:E6:2D:A0:A2:2E:94:E6:08:38:E5:AE
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/R6SJHDwuUv-95i2goi6U5gg45a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
61:96:35:71:71:ef:9f:76:33:3b:7a:06:47:12:67:f0:19:d1:
1d:57:6e:ed:c2:7e:9a:7e:9b:18:16:a6:79:07:b6:23:fb:d6:
f1:78:9e:a2:5f:84:85:a4:d6:0d:80:b5:c9:07:29:c2:64:62:
f0:ac:f3:63:24:d2:dc:12:92:7c:92:05:99:26:81:49:e6:aa:
95:75:7f:a0:af:a6:a4:6c:36:2d:bc:b3:d4:72:77:1c:79:91:
eb:60:ce:68:7c:a5:62:f0:46:26:92:59:14:e0:4e:79:84:90:
7a:fb:89:ae:55:45:bb:50:06:a6:7c:8c:c2:fe:a9:6a:a7:1e:
d4:ca:3d:4f:ad:36:c5:ea:9c:d5:c7:d9:1f:b4:41:f9:f4:e6:
e2:04:74:6d:69:cc:16:35:51:3a:02:b3:bf:ce:0f:c4:cd:00:
d8:0d:cb:0d:b2:70:3d:c8:82:fc:a7:ba:c7:9b:e8:be:a3:e2:
74:66:f2:73:66:17:67:b6:98:61:93:14:88:41:8e:e9:3e:cf:
36:17:4e:6f:7d:97:17:c4:2e:0f:73:33:5a:da:ca:94:a2:5c:
83:df:e9:66:9c:6f:9b:82:4e:64:47:61:2c:de:af:a9:41:47:
d0:90:71:33:57:93:eb:88:d8:c9:31:db:3c:aa:15:06:f7:0d:
73:d1:2b:27
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY9T5NVRVH8fOws21a6IVPhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNTA3MTYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2E0ODkxYzNjMmU1MmZmYmRlNjJkYTBhMjJlOTRlNjA4MzhlNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmMFf77su1hJFRCDNzAa7yejuKxU
wzNUpKHah1w4mh9Vh/0woFR8wmTVofe/iI67AFi3iMz0dhe9QtZ/BP30dTWPHgRB
iA9tAYJeUTa6y7RKFP3CwFjY5E47RS4e1caHL19HWPKNBfK2D0q01XHkzT4u3nCP
tucJyIqA9pXFYESmdxNqYYPM6E72uE+7vj7muHWFjZDrOpNOy6oPEnaHjag/JyGr
lcYg+R6L14kgsH5oyvVDrr0wDfAGqL8WH0JyzcjMWSXe2TuLNtrTnmcCkaZdzzXd
0MEBQq376l+pR6rvh8gaE5kMjJtzDZ7E1dnkayTN06dP0bGVieD6FOh2PQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEekiRw8LlL/veYtoKIulOYIOOWuMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvUjZTSkhEd3VVdi05NWkyZ29pNlU1Z2c0NWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAGGWNXFx7592Mzt6BkcS
Z/AZ0R1Xbu3Cfpp+mxgWpnkHtiP71vF4nqJfhIWk1g2AtckHKcJkYvCs82Mk0twS
knySBZkmgUnmqpV1f6CvpqRsNi28s9Rydxx5ketgzmh8pWLwRiaSWRTgTnmEkHr7
ia5VRbtQBqZ8jML+qWqnHtTKPU+tNsXqnNXH2R+0Qfn05uIEdG1pzBY1UToCs7/O
D8TNANgNyw2ycD3Igvynuseb6L6j4nRm8nNmF2e2mGGTFIhBjuk+zzYXTm99lxfE
Lg9zM1raypSiXIPf6Wacb5uCTmRHYSzer6lBR9CQcTNXk+uI2Mkx2zyqFQb3DXPR
Kyc=
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:30:51 2024 by rpki-client on console-ams.rpki-client.org